Subscribe to our Threatpost Today newsletter

Join thousands of people who receive the latest breaking cybersecurity news every day.

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

*

*

I agree to my personal data being stored and used to receive the newsletter

*

I agree to accept information and occasional commercial offers from Threatpost partners

The administrator of your personal data will be Threatpost, Inc., 500 Unicorn Park, Woburn, MA 01801. Detailed information on the processing of personal data can be found in the privacy policy. In addition, you will find them in the message confirming the subscription to the newsletter.

ThreatList: Holiday Spam, the Perfect Seasonal Gift for Criminals

Consumers are much more likely to fall for spam during the season of giving.

Maybe holiday cheer makes people less cynical. If so, that explains why social-engineering spam tactics prove to be more effective during the festive season.

New research shows that spam campaigns disguised as delivery notifications or online shopping invoices, while always a favored tactic by criminals, work even better around the holidays. That’s largely because, among other factors, most people are in the giving mood, sending packages and receiving them – and letting their guard down as they get into the spirit of the season.

“The kind of spam that criminals use doesn’t seem so spammy to a lot of people this time of year. More people are just more open to the commercial messages spammers like to spoof, which makes individuals more vulnerable at home and at work,” said F-Secure’s behavioral science lead Adam Sheehan in a report released Wednesday. “Tests we performed using simulated Black Friday and Cyber Monday phishing emails saw about 39 percent more people click than similar tactics we use at other times during the year, which isn’t a trend we like to see.”

It’s also a function of basic human nature, the report postulates:

“Online criminals are also behavioral scientists in their own right. They know we’re inclined to click first before we ask questions because we like to nurture our own fantasies about the gifts we might receive while also refraining from questioning others to keep from spoiling a surprise.”

2018 Spam Trends

Researchers point to spam as the most common method for cybercriminals to spread malware overall in 2018, accounting for nine out of every 10 infection attempts throughout the year. Roughly 69 percent of spam campaigns attempted to trick users into visiting malicious URLs to download a malware-laden file or committing another online action that results in an infection. Malicious attachments were used in the remaining 31 percent of campaigns.

Also, the majority of observed spam campaigns target users in Canada, E.U., Japan and the U.S., the firm said.

As far as payloads, downloaders, bots and backdoors account for 52 percent of malware delivered through spam, followed by banking trojans (42 percent) and then ransomware (six percent). Overall, the Emotet, Trickbot and Panda banking trojans are the most frequently seen malware families delivered through spam.

F-Secure researcher Patricia Revilla-Dacuno however noted that these trends have to be put into context.

“It’s true that we see less ransomware as the main payload in these spam emails, but it’s still frequently delivered as a follow-up payload by backdoors or bots,” she explained. “Infection chains are becoming more complicated and the Emotet banking trojan, which is fairly common, has evolved into a credential stealer and downloader, and now used in different ways for a variety of schemes.”

She added, “A couple of years ago we could have confidently pointed to ransomware as the big issue, but now there’s more of a variety of threats to watch out for.”

Interestingly, the research also indicated that the decline of exploit kits is continuing. The number of active exploit kits declined from six in 2017 to four in 2018, and has decreased by 87 percent since 2013.

Anyway, here is to holiday cheer. May it, at least, take the edge off impending in-law visits.

Authors

Threatpost

InfoSec Insider Post

InfoSec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Post

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.